dridex | ba2d6d2f0fe90672045f433a102306a23daa8121259dc451b3fe5705543910a0 | Triage

Sharing

General

Target

JaffaCakes118_ba2d6d2f0fe90672045f433a102306a23daa8121259dc451b3fe5705543910a0
Size

167KB
Sample

241224-dmkhka1jgk
MD5

8e6c3c299d8011419e64eb7985ddc667
SHA1

1b83974cc060dd7ee58e2416a74683019572f0a5
SHA256

ba2d6d2f0fe90672045f433a102306a23daa8121259dc451b3fe5705543910a0
SHA512

518f0c6c423f413390658ce94f837eeefe52d10419b5ba1acdc0446b3d41ea0a455873e9fee571a13c302f02505338f5c00c7a68a25815bc5c2e6d119b5d010a
SSDEEP

3072:IVG/TPp+AgPbdXnx6ZBfPG6+Xo4Y63F35oJq3Kco08AQazELZn+1qPrx6/idyB:NERMVPG6+Y63HoG1QawL40Prx6KsB

Score

10^/10

dridex 22201 botnet discovery loader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

131.100.24.202:443

193.160.214.95:4125

67.43.4.76:8172

rc4.plain

rc4.plain

Targets

- Target
  
  JaffaCakes118_ba2d6d2f0fe90672045f433a102306a23daa8121259dc451b3fe5705543910a0
- Size
  
  167KB
- MD5
  
  8e6c3c299d8011419e64eb7985ddc667
- SHA1
  
  1b83974cc060dd7ee58e2416a74683019572f0a5
- SHA256
  
  ba2d6d2f0fe90672045f433a102306a23daa8121259dc451b3fe5705543910a0
- SHA512
  
  518f0c6c423f413390658ce94f837eeefe52d10419b5ba1acdc0446b3d41ea0a455873e9fee571a13c302f02505338f5c00c7a68a25815bc5c2e6d119b5d010a
- SSDEEP
  
  3072:IVG/TPp+AgPbdXnx6ZBfPG6+Xo4Y63F35oJq3Kco08AQazELZn+1qPrx6/idyB:NERMVPG6+Y63HoG1QawL40Prx6KsB
Score

10^/10

dridex 22201 botnet discovery loader
- Dridex
  Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
  botnet dridex
- Dridex family
  dridex
- Dridex Loader
  Detects Dridex both x86 and x64 loader in memory.
  botnet loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

dridex22201botnetdiscoveryloader

behavioral2

dridex22201botnetdiscoveryloader